More than 300 bad actors stole US$191 million from Nomad’s cross-chain bridge which resulted from a software upgrade that backfired, crypto analytics firm PeckShield told The Block on Tuesday.

See related article: Nomad Bridge alerts law enforcement amid US$200 mln attack

Fast facts

  • A routine software update on one of Nomad’s smart contracts allowed users to spoof transactions and drain funds from the bridge, according to Twitter user and researcher at Paradigm, @samczsun.
  • The technical flaw was discovered on Monday by an unidentified hacker that drained US$95 million from the bridge, followed by many others to take advantage of the vulnerability, PeckShield told The Block.
  • The security firm found that not all of the addresses were bad actors — it discovered at least six white hat hackers that are expected to return the funds they took.
  • Unlike the Nomad exploit, previous attacks on Ronin bridge or Harmony Horizon were linked back to one or two groups of hackers, likely backed by North Korea, according to the U.S. Federal Bureau of Investigation (FBI) and blockchain analytics firm Elliptic.
  • Nomad updated its community via Twitter early morning Wednesday Asia time, saying it is setting up a recovery address for white hats to send recovered funds.
  • It also informed its followers that it is developing an action plan to fix the technical flaw, while working with chain analysis, intelligence firms and law enforcement to trace the exploitation.

See related article: Are we helpless against attacks on blockchain bridges?